fixed rootless docker setup
This commit is contained in:
@@ -187,7 +187,7 @@ After=network.target
|
|||||||
[Service]
|
[Service]
|
||||||
User=rss-svc
|
User=rss-svc
|
||||||
Group=rss-svc
|
Group=rss-svc
|
||||||
Environment=PATH=/home/rss-svc/bin:/usr/bin:/bin
|
Environment=PATH=/home/rss-svc/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
|
||||||
Environment=XDG_RUNTIME_DIR=/home/rss-svc/.docker/run
|
Environment=XDG_RUNTIME_DIR=/home/rss-svc/.docker/run
|
||||||
ExecStart=/home/rss-svc/bin/dockerd-rootless.sh
|
ExecStart=/home/rss-svc/bin/dockerd-rootless.sh
|
||||||
Restart=always
|
Restart=always
|
||||||
@@ -216,6 +216,17 @@ Verify it came up (as `rss-svc`, with the `.bashrc` exports loaded):
|
|||||||
docker info
|
docker info
|
||||||
```
|
```
|
||||||
|
|
||||||
|
> **cgroup driver note**: rootless Docker defaults to the **systemd** cgroup driver, which expects a per-user slice (`user-<uid>.slice`) created by a logind session — something we don't have here by design. If `docker compose up --build` later fails with `open /sys/fs/cgroup/user.slice/user-<uid>.slice/cgroup.controllers: no such file or directory`, switch dockerd to manage cgroups itself instead. As `rss-svc`:
|
||||||
|
> ```sh
|
||||||
|
> mkdir -p ~/.config/docker
|
||||||
|
> cat > ~/.config/docker/daemon.json << 'EOF'
|
||||||
|
> {
|
||||||
|
> "exec-opts": ["native.cgroupdriver=cgroupfs"]
|
||||||
|
> }
|
||||||
|
> EOF
|
||||||
|
> ```
|
||||||
|
> then, as your sudo-capable user, `sudo systemctl restart docker-rss-svc`.
|
||||||
|
|
||||||
**3. Deploy the stack as `rss-svc`:**
|
**3. Deploy the stack as `rss-svc`:**
|
||||||
|
|
||||||
```sh
|
```sh
|
||||||
|
|||||||
Reference in New Issue
Block a user